CVE-2018-14593

English news about the ticket system and this board
Dont create your support topics here!
Forum rules
Dont create your support topics here!
Locked
jojo
Znuny guru
Posts: 15019
Joined: 26 Jan 2007, 14:50
Znuny Version: Git Master
Contact:

CVE-2018-14593

Post by jojo »

Please be aware of a critical security patch for ((OTRS Community Edition)) in versions 4, 5 and 6 released today.

A local attacker (agent) can gain any other users permission via URL manipulation.

Please be also aware that versions prior to OTRS 4 are affected but will not be patched!
"Production": OTRS™ 8, OTRS™ 7, STORM powered by OTRS
"Testing": ((OTRS Community Edition)) and git Master

Never change Defaults.pm! :: Blog
Professional Services:: http://www.otrs.com :: enjoy@otrs.com
Locked